Demo: Exploiting a Blind XSS & Second Order SQL Injection

Robert Abela - Thu, 11 May 2017

During this demo, our CEO Ferruh Mavituna explains in detail what Blind XSS and Second Order SQL Injection vulnerabilities are and shows how malicious hackers can exploit them.


This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.

Watch the Tech Segment from Paul’s Security Weekly show #512 for a live demo of how to exploit a Blind Cross-site Scripting (XSS) and a Second Order SQL Injection vulnerability.

The demos were delivered by our CEO Ferruh Mavituna. During the demos, Ferruh also explains all the technical details of how these vulnerabilities work and demonstrates how malicious hackers can exploit them to exfiltrate sensitive data from the vulnerable web application.
